Loading…
This event has ended. Visit the official site or create your own event on Sched.
WELCOME TO THE TEXAS CYBER SUMMIT
Simple
Expanded
Grid
By Venue
Palo Alto Networks [clear filter]
Saturday, October 12
 

1:00pm CDT

WS-1023 - Malware Traffic Analysis Workshop 2
This session is part two of a hands-on workshop presented across two separate sessions. The training provides a foundation for investigating packet captures (pcaps) of malicious network traffic from hosts running Microsoft Windows. Participants will review basic investigation concepts, set up Wireshark, and identify hosts and users in network traffic. The training provides several examples of infection traffic that focuses on mass-distribution commodity malware commonly seen from malicious spam. Pcaps for this workshop will be available online. For the best hands-on experience, participants should have a relatively current version of Wireshark (version 2.6 or better), preferably in a non-Windows environment.
  • You will be required to bring your own laptop, please install a virtual machine (VM) running Linux is recommended for participants using a Windows-based laptop.

Speakers
avatar for Brad Duncan

Brad Duncan

Threat Intelligence Analyst, Palo Alto Networks - Unit 42
isc.sans.edu. Brad routinely blogs technical details and analysis of infection traffic at www.malware-traffic-analysis.net, where he provides traffic analysis exercises and over 1,600 malware and traffic samples to a growing community of information security professionals.">After 21 years in the US Air Force, Brad transitioned to cyber security in 2010, and he is a currently a Threat Intelligence Analyst... Read More →

Saturday October 12, 2019 1:00pm - 4:00pm CDT
BONHAM 3-D | Expert 2 600 E Market St, San Antonio, TX Floor 3
  Intermediate, Packet Captures
 
Filter sessions
Apply filters to sessions.
Thursday, October 10
Friday, October 11
Saturday, October 12
BONHAM 3-B | Bee'ing New
BONHAM 3-C | Expert 1
BONHAM 3-D | Expert 2
BONHAM 3-E | Expert 3
BONHAM 3-X Common Area Stage *End of Hall
CROCKETT 4-D ICS SCADA HAVEN
Expo Business Center
REPUBLIC 4-A
REPUBLIC 4-C
SEGUIN 4-B AREA 51
SEGUIN A - 4th Floor
TEXAS BALLROOM - A/B | Keynote - CISO
TEXAS BALLROOM - C Track 1
TEXAS BALLROOM - D Hackers Lair
TEXAS BALLROOM - E Track 3
TEXAS BALLROOM - F Track 2
  • Advanced
  • Briefing
  • Car Hacking
  • Career Fair
  • Challenge
  • Competition
  • Compliance
  • Containers
  • Hands-On
  • Incident Response
  • Intermediate
  • Introduction
  • Keynote
  • LUNCH ON YOUR OWN
  • Monitoring
  • Sales Solutions Brief
  • Social
  • Social Engineering
  • Training
  • Company
  • BI.ZONE
  • BitDefender
  • CarbonBlack
  • Critical Start
  • CSA
  • DEVO
  • FireEye
  • Forge Point Capital
  • Fortinet
  • FSI.IO
  • McAfee
  • Microsoft
  • Mitre
  • NotSoSecure
  • Oracle
  • Palo Alto Networks
  • ReconInfoSec
  • RedTeam Nation
  • SpecterOps
  • SphereNY
  • Tanium
  • TrustedSec
  • UpGuard
  • USAA
  • Audience
  • Advanced
  • Beginner
  • Career Search
  • CISO
  • Keynote
  • Memory Agent
  • midlevel
  • Subject
  • AppSec
  • Architecture
  • blue team
  • Botnet
  • Business
  • CIS
  • DevOps
  • DevSecOps
  • Digital Transformation
  • Embedded
  • Exploits
  • Hacking
  • Hunting
  • incident response
  • IoT
  • MacOS
  • Malware
  • Model View Controller
  • OWASP
  • Packets
  • red team
  • Reverse Engineering
  • SIEM
  • Threat Intelligence
  • Area
  • Deep Walk-Through
  • Focused Talk
  • Hands-on
  • moloch
  • Monitoring
  • Product/Services
  • Reverse Engineering
  • Popular